function drupal_goto

Sends the user to a different Drupal page.

This issues an on-site HTTP redirect. The function makes sure the redirected URL is formatted correctly.

If a destination was specified in the current request's URI (i.e., $_GET['destination']) then it will override the $path and $options values passed to this function. This provides the flexibility to build a link to user/login and override the default redirection so that the user is redirected to a specific path after logging in:

$query = array(
  'destination' => "node/{$node->nid}",
);
$link = l(t('Log in'), 'user/login', array(
  'query' => $query,
));

Drupal will ensure that messages set by drupal_set_message() and other session data are written to the database before the user is redirected.

This function ends the request; use it instead of a return in your menu callback.

Parameters

$path: (optional) A Drupal path or a full URL, which will be passed to url() to compute the redirect for the URL.

$options: (optional) An associative array of additional URL options to pass to url().

$http_response_code: (optional) The HTTP status code to use for the redirection, defaults to 302. The valid values for 3xx redirection status codes are defined in RFC 2616 and the draft for the new HTTP status codes:

  • 301: Moved Permanently (the recommended value for most redirects).
  • 302: Found (default in Drupal and PHP, sometimes used for spamming search engines).
  • 303: See Other.
  • 304: Not Modified.
  • 305: Use Proxy.
  • 307: Temporary Redirect.

See also

drupal_get_destination()

url()

Related topics

HTTP handling
Functions to properly handle HTTP responses.
40 calls to drupal_goto()
action_admin_configure in drupal/core/modules/action/action.admin.inc
Form constructor for the configuration of a single action.
action_admin_remove_orphans in drupal/core/modules/action/action.admin.inc
Removes actions that are in the database but not supported by any enabled module.
action_goto_action in drupal/core/modules/action/action.module
Redirects to a different URL.
aggregator_admin_refresh_feed in drupal/core/modules/aggregator/aggregator.admin.inc
Page callback: Refreshes a feed, then redirects to the overview page.
comment_approve in drupal/core/modules/comment/comment.pages.inc
Page callback: Publishes the specified comment.

... See full list

4 string references to 'drupal_goto'
common_test_drupal_goto_land in drupal/core/modules/system/tests/modules/common_test/common_test.module
Page callback: Provides a landing page for drupal_goto().
common_test_menu in drupal/core/modules/system/tests/modules/common_test/common_test.module
Implements hook_menu().
drupal_redirect_form in drupal/core/includes/form.inc
Redirects the user to a URL after a form has been processed.
GotoTest::testDrupalGoto in drupal/core/modules/system/lib/Drupal/system/Tests/Common/GotoTest.php
Tests drupal_goto().

File

drupal/core/includes/common.inc, line 687
Common functions that many Drupal modules will need to reference.

Code

function drupal_goto($path = '', array $options = array(), $http_response_code = 302) {

  // A destination in $_GET always overrides the function arguments.
  // We do not allow absolute URLs to be passed via $_GET, as this can be an
  // attack vector, with the following exception:
  // - absolute URLs that point to this site (i.e. same base URL and
  //   base path) are allowed
  if (isset($_GET['destination']) && (!url_is_external($_GET['destination']) || _external_url_is_local($_GET['destination']))) {
    $destination = drupal_parse_url($_GET['destination']);
    $path = $destination['path'];
    $options['query'] = $destination['query'];
    $options['fragment'] = $destination['fragment'];
  }
  drupal_alter('drupal_goto', $path, $options, $http_response_code);

  // The 'Location' HTTP header must be absolute.
  $options['absolute'] = TRUE;
  $url = url($path, $options);
  header('Location: ' . $url, TRUE, $http_response_code);

  // The "Location" header sends a redirect status code to the HTTP daemon. In
  // some cases this can be wrong, so we make sure none of the code below the
  // drupal_goto() call gets executed upon redirection.
  drupal_exit($url);
}